Hacker News

trinix912 today at 2:03 PM

Because with Windows, MS can put a list of trusted rootkit anticheats in the kernel and that cannot be changed (without having the source or breaking signatures when hex editing etc).

If Linux did the same, anyone could recompile the kernel with their fake anticheat’s signature. The fake anticheat would then present itself as real to the game. One could go as far as to rewrite the relevant syscall to falsely indicate to the game that the legitimate version is running.


Replies

Mindwipe today at 4:59 PM

The OEM could control it in hardware and a secure part of the chipset could validate the OS integrity and sign the relevant key (which is what Apple does with SIP on a managed macOS installation).
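
The contrast the two comments draw, as an added sketch that is not part of the thread or any vendor's code: a self-reported anticheat claim versus a boot measurement signed by a hardware root of trust. `CHIP_KEY`, the component labels and all function names are assumptions, and HMAC stands in for the asymmetric attestation key real hardware would use.

```python
import hashlib
import hmac
import os

# Assumption: stands in for a key fused into the chipset. Real hardware signs
# with an asymmetric key; HMAC keeps this sketch stdlib-only, so the verifier
# here shares the secret.
CHIP_KEY = os.urandom(32)

# Constructed sample boot chains (labels, not real images).
STOCK = [b"bootloader-v1", b"kernel-stock", b"anticheat-v1"]
REBUILT = [b"bootloader-v1", b"kernel-rebuilt", b"anticheat-fake"]

def self_report(os_claim: dict) -> bool:
    """Software-only check: trusts whatever the running OS says about itself."""
    return os_claim.get("anticheat") == "anticheat-v1"

def measure_boot(components) -> bytes:
    """TPM-style extend chain: pcr = SHA-256(pcr || SHA-256(component))."""
    pcr = bytes(32)
    for c in components:
        pcr = hashlib.sha256(pcr + hashlib.sha256(c).digest()).digest()
    return pcr

def chip_quote(components, nonce: bytes) -> dict:
    """Runs in the chipset: measures what actually booted, then signs it."""
    pcr = measure_boot(components)
    sig = hmac.new(CHIP_KEY, pcr + nonce, hashlib.sha256).digest()
    return {"pcr": pcr, "nonce": nonce, "sig": sig}

def verify_quote(quote: dict, nonce: bytes, expected_pcr: bytes) -> bool:
    """Verifier: fresh nonce, valid chip signature, known-good measurement."""
    good = hmac.new(CHIP_KEY, quote["pcr"] + nonce, hashlib.sha256).digest()
    return (quote["nonce"] == nonce
            and hmac.compare_digest(quote["sig"], good)
            and hmac.compare_digest(quote["pcr"], expected_pcr))

if __name__ == "__main__":
    nonce, expected = os.urandom(16), measure_boot(STOCK)
    # A rebuilt kernel can simply claim the legitimate anticheat is loaded.
    print("self-report, rebuilt:", self_report({"anticheat": "anticheat-v1"}))
    print("quote, stock:  ", verify_quote(chip_quote(STOCK, nonce), nonce, expected))
    print("quote, rebuilt:", verify_quote(chip_quote(REBUILT, nonce), nonce, expected))
```
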